Title :
Verifying security requirements using model checking technique for UML-based requirements specification
Author :
Aoki, Yuya ; Matsuura, Saeko
Author_Institution :
Grad. Sch. of Eng. & Sci., Shibaura Inst. of Technol., Saitama, Japan
Abstract :
Use case analysis is known to be an effective method to clarify functional requirements. Security requirements such as access or information control tend to increase the complexity of functional requirements, and therefore, need to be correctly implemented to minimize risks. However, general developers find it difficult to correctly specify adequate security requirements during the initial phases of the software development process. We propose a method to verify security requirements whose specifications are based on Unified Modeling Language (UML) using the model checking technique and Common Criteria security knowledge. Common Criteria assists in defining adequate security requirements in the form of a table. This helps developers verify whether UML-based requirements analysis models meet those requirements in the early stages of software development. The UML model and the table are transformed into a finite automaton in the UPPAAL model checking tool.
Keywords :
Unified Modeling Language; authorisation; formal specification; formal verification; UML-based requirement specification; UPPAAL model checking tool; Unified Modeling Language; access control; common criteria security knowledge; functional requirements; information control; model checking technique; security requirements; software development process; use case analysis; Access control; Analytical models; Data models; Model checking; Software; Unified modeling language; Access Control; Common Criteria; Model Checking; Security Requirements; UML; Verification;
Conference_Titel :
Requirements Engineering and Testing (RET), 2014 IEEE 1st International Workshop on
Conference_Location :
Karlskrona
DOI :
10.1109/RET.2014.6908674
